Security and automation with SBOMs
Unboxing
Conclusions
SBOMs are an important strategy, and regulatory requirements mandate their implementation. They also offer great potential for improving secure software development processes and increasing cyber resilience, in particular through automation in conjunction with the tools presented here, such as IT asset management, patch management, and others. The regulatory requirements alone force companies to act, and they apply not just to software companies but to all areas in which software is part of a product – for example, firmware. Companies need to address SBOMs and their implications now and should leverage their potential to optimize processes and improve integration between software development and cybersecurity.
Infos
- US Executive Order on Improving the Nation's Cybersecurity: https://www.whitehouse.gov/briefing-room/presidential-actions/2021/05/12/executive-order-on-improving-the-nations-cybersecurity/
- EU Cyber Resilience Act: https://www.europarl.europa.eu/doceo/document/TA-9-2024-0130_EN.html#title2
- CISA on SBOM: https://www.cisa.gov/sbom
- NTIA minimum elements for an SBOM: https://www.ntia.doc.gov/files/ntia/publications/sbom_minimum_elements_report.pdf
- OWASP CycloneDX: https://cyclonedx.org
- ISO/IEC 5230:2020: https://www.iso.org/standard/81039.html
- ISO/IEC 5962:2021: https://www.iso.org/standard/81870.html